Cryptomining Attacks Now Reported by One in Three UK Enterprises

Almost 50% of large UK businesses that stockpile cryptocurrencies are becoming easy targets for ‘crypto-miners’

Nearly a third of UK businesses have admitted to being hit by cryptomining attacks in the previous month, a new research by Citrix has revealed.

During the research, commissioned by Citrix and carried out by OnePoll, 750 IT decision-makers in the UK were quizzed regarding the growing risks of cryptomining cyber-attacks and three in 10 admitted to being affected by crypto-mining attacks within the previous month.

A crypto-mining attack occurs when a hacker installs malware that mines cryptocurrencies in the background of the infected machine, which usually slows down significantly.

According to the report, 50 percent of large UK businesses are stockpiling cryptocurrencies to provide a quick means of payment in case of a ransomware attack, becoming easy targets for ‘crypto-miners’.

It said that 59 percent of respondents had detected cryptomining attacks on their systems at some point, with four in five occurring in the last six months. Only 38 percent of respondents believe they have never been subjected to such an attack.

More than a third of the victims discovered the attack through their network monitoring solutions; one in three said they were alerted by employees; and nearly one in five discovered the attack following a spike in slower device performance.

Anti-malware software alerted the IT leaders in just 7 percent of cases.

Network Monitoring Solutions

The report said that attacks typically affect up to 50 devices, as reported by three in five businesses and just 11 percent of respondents reported more than 100 devices being affected.

Furthermore, the report said that only two thirds of organisations have a formal policy in place should they be subjected to a cryptomining attack.

Businesses that do not make policies mostly depend on network monitoring solutions, anti-malware solutions and ‘blocking’ mining websites. Also, 21 percent businesses do not have contingency measures in place.

Citrix chief security architect Chris Mayers said: “The threat of a ransomware attack is still very real for large businesses. Many organisations have therefore invested in cryptocurrencies as a means of payment to restore their data as quickly and efficiently as possible.

“However, in a somewhat unfortunate vicious circle, this stockpiling of potentially valuable currency has now made them a target – and businesses appear slow to react to this threat, with many yet to put formal plans in place should they fall victim to an attack.

“Centralising data storage and management should form a key part of such plans, ensuring organisations keep their customer data and critical IP far from devices and end-points with possible vulnerabilities.

“This gives cyber-attackers fewer opportunities to gain leverage and demand ransoms – saving businesses from costly expenses, as well as supporting with long-term compliance for regulations such as the GDPR.”